Facebook warning to apps after Cambridge Analytica data scandal

Developers have been left in no uncertain terms that a repeat of the Cambridge data 'breach' will not be tolerated.

Facebook has issued a stark warning for third parties who operate apps on the platform in response to the Cambridge Analytica data scandal.

The social media giant has taken action after revelations emerged that the data analytics firm that worked with Donald Trump’s election team and the winning Brexit campaign harvested millions of Facebook profiles of US voters.

A whistleblower revealed to UK newspaper the Observer how Cambridge Analytica used personal information taken without authorisation in early 2014 to build a system that could profile individual US voters, in order to target them with personalised political advertisements.

The data was collected through an app called thisisyourdigitallife, built by academic Aleksandr Kogan. Through his company Global Science Research (GSR), in collaboration with Cambridge Analytica, hundreds of thousands of users were paid to take a personality test and agreed to have their data collected for academic use.

However, the app also collected the information of their Facebook friends, leading to the accumulation of a huge data pool. Facebook’s policy only allows for the collection of friends’ data to improve user experience in the app – prohibiting it from being sold on or used for advertising.

Facebook has announced that Cambridge Analytica and its parent company SCL Group have been suspended from the platform for what Facebook says was an inability to delete data that had been collected from users.

“Protecting people’s information is at the heart of everything we do, and we require the same from people who operate apps on Facebook,” the company said in a statement by Paul Grewal, VP & Deputy General Counsel.

The statement went on to explain that Aleksandr Kogan was granted access to information from more than a quarter of a million users after they downloaded ‘thisisyourdigitallife’. These users gave consent for Kogan to access certain information about them and their friends, which he subsequently shared with Cambridge Analytica and other third parties.

“Although Kogan gained access to this information in a legitimate way and through the proper channels that governed all developers on Facebook at that time, he did not subsequently abide by our rules,” continued the statement.

“By passing information on to a third party, including SCL/Cambridge Analytica and Christopher Wylie of Eunoia Technologies, he violated our platform policies.

“When we learned of this violation in 2015, we removed his app from Facebook and demanded certifications from Kogan and all parties he had given data to that the information had been destroyed. Cambridge Analytica, Kogan and Wylie all certified to us that they destroyed the data.

“Several days ago, we received reports that, contrary to the certifications we were given, not all data was deleted. We are moving aggressively to determine the accuracy of these claims.

“If true, this is another unacceptable violation of trust and the commitments they made. We are suspending SCL/Cambridge Analytica, Wylie and Kogan from Facebook, pending further information.”

Facebook has also strongly denied that the incident constitutes a breach of user data.

“The claim that this is a data breach is completely false,” said the statement. “Aleksandr Kogan requested and gained access to information from users who chose to sign up to his app, and everyone involved gave their consent.

“People knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.”